CVE-2022-45343 — Use After Free in Gpac

Severity

7.8HIGHNVD

EPSS

0.1%

top 84.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 29

Description

GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶NVDgpac/gpac< 2.2.0

▶debiandebian/gpac< gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)

▶Debiangpac/gpac< 1.0.1+dfsg1-4+deb11u2

OSV

CVE-2022-45343: GPAC v2↗2022-11-29

▶

GHSA

GHSA-5v99-ghrr-2564: GPAC v2↗2022-11-29

▶

Debian

CVE-2022-45343: gpac - GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-afte...↗2022

▶